created fail2ban state #2
@ -1,3 +1,4 @@
|
||||
include:
|
||||
- fail2ban.install
|
||||
- fail2ban.jails
|
||||
- fail2ban.prometheus
|
||||
|
35
fail2ban/prometheus.sls
Normal file
35
fail2ban/prometheus.sls
Normal file
@ -0,0 +1,35 @@
|
||||
Define firewalld service for fail2ban exporter:
|
||||
firewalld.service:
|
||||
- name: fail2ban_exporter
|
||||
- ports:
|
||||
- 9191/tcp
|
||||
|
||||
Addinge fail2ban exporter fw service:
|
||||
firewalld.present:
|
||||
- name: public
|
||||
- services:
|
||||
- fail2ban_exporter
|
||||
|
||||
create fail2ban-exporter container:
|
||||
cmd.run:
|
||||
- name: podman container create --name fail2ban-exporter -v /var/run/fail2ban:/var/run/fail2ban:ro -p 9191:9191 registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
|
||||
- unless: podman container exists fail2ban-exporter
|
||||
|
||||
create fail2ban-exporter container unit file:
|
||||
cmd.run:
|
||||
- name: podman generate systemd --name fail2ban-exporter > /etc/systemd/system/fail2ban-exporter.service
|
||||
- onchanges:
|
||||
- cmd: create fail2ban-exporter container
|
||||
|
||||
run daemon reload for fail2ban-exporter container unit file:
|
||||
cmd.run:
|
||||
- name: systemctl daemon-reload
|
||||
- onchanges:
|
||||
- cmd: create fail2ban-exporter container unit file
|
||||
|
||||
start fail2ban-exporter container:
|
||||
service.running:
|
||||
- name: fail2ban-exporter
|
||||
- enable: true
|
||||
- watch:
|
||||
- cmd: create fail2ban-exporter container unit file
|
Reference in New Issue
Block a user